Cansec West - Vulnerability Class and Windows Media Presentation
mark February 26th, 2008
Hi there,
As Justin indicated in his last post, he and I will be delivering a “dojo” class on finding vulnerabilities in contemporary C/C++-based applications. We have really tried to focus on delivering fresh and interesting material on the subject, rather than just regurgitating the same old stuff you have heard 100 times before (although, admittedly, some of that stuff is necessary). Our goal is to create a class that will examine not only vulnerability classes, but the processes that you need to follow to find those spicy 0day bugs. The stuff I have put in has proven successful for me, and hopefully will give attendees insight into the practical application of vulnerability knowledge on high-value targets.
In other news, I am also giving a talk at CansecWest with John McDonald on Windows Media stuff. Here, we are going to discuss the various media architectures prevalent on Windows OSs for developing both filters (codecs) and playback software. After touching on the architecture, we will discuss enumeration of attack surface and how to go about auditing media-based software (codecs in particularly) for vulnerabilities. It turned out that due to time constraints (our speech is 1 hour), we will not be able to present all the material we have prepared in its entirety, however we will probably leave all the content in the slides that get posted on the website.
Hope to see you all there!
will you share the presentation with us ?
The presentations should be up at http://cansecwest.com/pastevents.html sometime soon.
Hi Mark,
Still going through your book, and picking up lots of nice stuff. Any plans to do more vulnerability class like the one you did at Cansec West? And maybe a 2-3 days class? Thanks.
Kind Regards,
SC
@SC: Yeah, we will be doing it in the future again, and we will keep you posted as to exactly where / when on this blog. Currently, it seems like we are probably going to do it at pacsec this year. If we do it anywhere else, we will let everyone know.